GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
10,046 advisories
Filter by severity
A cross-site scripting (XSS) vulnerability in the component admin_datarelate.php of SeaCMS v12.9...
Low
Unreviewed
CVE-2024-44918
was published
Aug 30, 2024
An application can be configured to block boot attempts after consecutive tamper resets are...
Low
Unreviewed
CVE-2024-2502
was published
Aug 30, 2024
Incorrect Authorization vulnerability in Yassine Idrissi Maintenance & Coming Soon Redirect...
Low
Unreviewed
CVE-2024-43944
was published
Aug 29, 2024
Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory...
Low
Unreviewed
CVE-2024-38304
was published
Aug 29, 2024
'Rakuten Ichiba App' for Android 12.4.0 and earlier and 'Rakuten Ichiba App' for iOS 11.7.0 and...
Low
Unreviewed
CVE-2024-41918
was published
Aug 29, 2024
A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System...
Low
Unreviewed
CVE-2024-42792
was published
Aug 26, 2024
Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within...
Low
Unreviewed
CVE-2024-8011
was published
Aug 25, 2024
In the Linux kernel, the following vulnerability has been resolved:
io_uring: add a schedule...
Low
Unreviewed
CVE-2022-48937
was published
Aug 22, 2024
In the Linux kernel, the following vulnerability has been resolved:
bpf: Add schedule points in...
Low
Unreviewed
CVE-2022-48939
was published
Aug 22, 2024
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low
Unreviewed
CVE-2022-26328
was published
Aug 21, 2024
Foxit PDF Reader Doc Object Use-After-Free Information Disclosure Vulnerability. This...
Low
Unreviewed
CVE-2024-7722
was published
Aug 21, 2024
In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which...
Low
Unreviewed
CVE-2024-7998
was published
Aug 21, 2024
In the Linux kernel, the following vulnerability has been resolved:
udf: Fix bogus checksum...
Low
Unreviewed
CVE-2024-43845
was published
Aug 17, 2024
In the Linux kernel, the following vulnerability has been resolved:
wifi: virt_wifi: avoid...
Low
Unreviewed
CVE-2024-43841
was published
Aug 17, 2024
In JetBrains TeamCity before 2024.07.1 self XSS was possible in the HashiCorp Vault plugin
Low
Unreviewed
CVE-2024-43808
was published
Aug 16, 2024
In JetBrains TeamCity before 2024.07.1 reflected XSS was possible on the agentPushPreset page
Low
Unreviewed
CVE-2024-43809
was published
Aug 16, 2024
In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an...
Low
Unreviewed
CVE-2024-7868
was published
Aug 15, 2024
In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion...
Low
Unreviewed
CVE-2024-7866
was published
Aug 15, 2024
In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow...
Low
Unreviewed
CVE-2024-7867
was published
Aug 15, 2024
Improper input validation for some Intel(R) Distribution for GDB software before version 2024.0.1...
Low
Unreviewed
CVE-2024-24973
was published
Aug 14, 2024
Improper initialization for the Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software...
Low
Unreviewed
CVE-2023-35061
was published
Aug 14, 2024
Insufficient access controls in ASP kernel may allow a
privileged attacker with access to AMD...
Low
Unreviewed
CVE-2021-26387
was published
Aug 13, 2024
A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key,...
Low
Unreviewed
CVE-2023-20512
was published
Aug 13, 2024
An insufficient session expiration vulnerability [CWE-613] vulnerability in FortiOS 7.2.5 and...
Low
Unreviewed
CVE-2022-45862
was published
Aug 13, 2024
Improper validation of array index in Power Management Firmware (PMFW) may allow a privileged...
Low
Unreviewed
CVE-2023-31307
was published
Aug 13, 2024
ProTip!
Advisories are also available from the
GraphQL API